Our XDR platform “connects all the dots”

Providing multi-layered security can be expensive unless solution providers use a platform that offers a wide range of advanced features.

That’s the message from Royi Barnea, head of North American channel sales at Boston-based Cynet, which is developing an extended detection and response (XDR) platform.

Barnea on Sunday told a group of solution providers at the XChange 2022 event of CRN’s parent company, The Channel Company, that it was important to find an approach that can help them make more money by improving their win rates, offering higher margins, lowering their operating and purchasing costs, and providing superior security coverage.

Most solution providers are challenged to do this with their current security vendors, Barnea said.

First, he said, a comprehensive security offering typically requires working with four or more security vendors or solutions, each of which is individually excellent.

“One of the biggest challenges is that they won’t work together,” he said. “They won’t sync, they won’t correlate, they won’t talk to each other. And in terms of security, this can provide a huge lack of real-time visibility. And if we don’t have real-time security threats, visibility of what’s going on, it’s hard to really understand what’s going on, correlate it and, of course, respond to it. One of the biggest challenges [with] different vendors is to create any kind of automation between them.”

The second is the difficulty of finding a good solution for small and medium-sized businesses, which make up about 86% of ransomware attackers’ targets, Barnea said.

“Why? It’s an easier job for hackers,” he said. “They don’t have the budgets of a lot of companies, and sometimes not the security awareness.”

Third is the need for solution providers to reduce operating and purchasing costs and capital expenditures, Barnea said.

“If you want to make a decent margin, your final selling price to your customers becomes higher and in some cases becomes unaffordable,” he said. “We’re here to reduce that and improve your prices.”

It’s also difficult to stay relevant, Barnea said. “Top vendors are the ones that stay relevant, which means updating monthly, quarterly, because the industry is a cat and mouse hunt,” he said. “The bad guys will always try to circumvent security providers like us.”

Cynet, as an XDR platform provider, offers several types of advanced security features that improve solution provider margins, add automation and improve win ratios, Barnea said.

“How do you do that? Simple math,” he said. “If you want to try selling five or six different sell cycles, your win percentage will be much lower than an automated consolidated platform. And that is exactly what true XDR is.”

Cynet’s XDR platform includes next-generation user behavior analysis, endpoint detection and response, network detection, network traffic analysis, honeypot deception, SaaS security posture to protect SaaS applications, network detection and response, and security orchestration and automated response, he said.

Creating security orchestration automation and response can significantly reduce the impact of a ransomware attack by allowing partners to do things like shut down an IP port, delete a route table, exclude a host from Active Directory for 30 minutes and isolate user endpoints, Barnea said.

“It’s a very different approach to security that we have to take against ransomware and many other attacks,” he said. “It connects all the dots together. To create this manually is going to be a challenge. Automatically will be much easier. This is exactly what Cynet is here for.”

Cynet is 100% focused on solution providers looking to provide a simple security solution for customers, Barnea said.

“We’re focused on XDR to provide a much simpler solution for your customers, a much easier way to approach them,” he said. “We reduce your purchase costs and investment costs and allow you to obtain a much higher win ratio.”

Barnea, in response to a question about whether Cynet provides XDR for mobile devices, said that it does not despite mobile devices being one of the company’s early development goals.

“The main reason is that most mobile devices are delivered via ‘bring your own device’ and, especially in the US market, that’s a challenge,” he said. “First, few CIOs will really invest in a solution when the end user can remove the app, and so there’s virtually no app. Second, the scariest thing for businesses: we can all see, so there are privacy issues.”

Barnea, responding to further questions, said that Cynet does not have a vertical orientation, but has a strong niche in small businesses. Also, he said, Cynet doesn’t yet work with a two-tier distribution, but it’s something he’s considering doing.

Cynet made some very good points on a very timely topic, said Ron Lovern, executive vice president of Triton Networks, a Dallas-based MSP that manages customer stacks from LAN to cloud.

“If you’re not doing security as part of your business model, you need to get out of that business,” Lovern told CRN. “That’s one of the biggest issues we see. We take over a lot of IT groups. If they have a third party doing IT and all they do is desktop support, we end up taking over just because of the security perspective. They don’t manage the network. They manage from the office.”

Once an attack reaches the office, it’s too late to stop it, Lovern said.

“As Barnea said, with SOAR [security orchestration, automation and response], you have to go there before the ransomware enters the network because it will stay in your network for five, six, seven, eight months to learn everything that is happening and then the attack will begin,” he said. “People think the attack just started. No, it’s been in your network for maybe even a year.”

Triton currently has three vendors that manage three different layers of its security stack, but having one technology to do it all would be critical, Lovern said.

“When I look at the LAN environment, there’s usually endpoint protection or ransomware protection or web filtering at that level,” he said. “These are really below server level. Then you have this next layer, this extended network, where firewalls come into play. This controls the security of your network. And then there’s the next layer, which is the security part of the cloud, maybe AWS or even Salesforce. And you have to deal with them in three different ways. Most IT groups only manage the lower level.”

Cynet’s ability to manage everything with a single view is significant, Lovern said.

“There are companies that come close, but this is the first one I’ve seen that does a 360 degree view,” he said.